General
-
Target
everything.exe
-
Size
222KB
-
MD5
647e29971448c7f8344cb1dbb30e66f5
-
SHA1
d83b20b1f90e92dd4cdc3bb6d40f8e6d21f56ea8
-
SHA256
7be2a7d739acc59c5421427cd9b722ab9b007007b2997dee1465087eb2a33619
-
SHA512
8f76fa6ae9cd027be27737a4f61800b61b445218cd446c4a2c80b9e360a8db332e08bb368db2e7fa83c9a9ce8d798b33f1b74b9edc047cd51436dc3bf349a8bc
-
SSDEEP
6144:HloZM+rIkd8g+EtXHkv/iD4nSoSrS8euHi:FoZtL+EP8GW
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1284565934647808062/yrfBIUgCKDX2ik-GyhGnUK8lwunOhdwbE-7YzuTn_v2ZC9dezyem8qyeVwd5Y-2mjwlu
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
everything.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections